diff --git a/manifests/profile/haproxy.pp b/manifests/profile/haproxy.pp index 44b445148..3277bd40f 100644 --- a/manifests/profile/haproxy.pp +++ b/manifests/profile/haproxy.pp @@ -135,8 +135,8 @@ dport => [80, 443], source => $::ipaddress, state => 'NEW', - action => 'accept', - tag => 'haproxy' + jump => 'accept', + tag => "${::datacenter}_haproxy" } @@firewall { "200 HTTP firewall6: HAProxy ${::hostname}": diff --git a/manifests/profile/prometheus.pp b/manifests/profile/prometheus.pp index ed95fbe05..c7cee274b 100644 --- a/manifests/profile/prometheus.pp +++ b/manifests/profile/prometheus.pp @@ -231,7 +231,7 @@ proto => 'tcp', source => $address, state => 'NEW', - action => 'accept', + jump => 'accept', ; "010 prometheus public node exporter ${::hostname} ${address}": @@ -247,11 +247,13 @@ "010 prometheus public node exporter firewall6 ${::hostname} ${address}": tag => "firewall6-${::datacenter}_prometheus_public_node_exporter", dport => 9100, + action => 'accept', ; "010 prometheus public ipmi exporter firewall6 ${::hostname} ${address}": tag => "firewall6-${::datacenter}_prometheus_public_ipmi_exporter", dport => 9290, + action => 'accept', ; } } @@ -262,7 +264,7 @@ proto => 'tcp', source => $address, state => 'NEW', - action => 'accept', + jump => 'accept', ; "010 prometheus private node exporter ${::hostname} ${address}": @@ -302,7 +304,7 @@ dport => 9101, source => $::ipaddress, state => 'NEW', - action => 'accept', + jump => 'accept', } @@firewall { "010 prometheus firewall6 haproxy exporter ${::hostname}": @@ -320,7 +322,7 @@ dport => 9104, source => $::ipaddress, state => 'NEW', - action => 'accept', + jump => 'accept', } @@firewall { "010 prometheus firewall6 mysql exporter ${::hostname}": diff --git a/manifests/profile/prometheus/exporter/node.pp b/manifests/profile/prometheus/exporter/node.pp index 188d6e16c..b7b949b6f 100644 --- a/manifests/profile/prometheus/exporter/node.pp +++ b/manifests/profile/prometheus/exporter/node.pp @@ -155,7 +155,7 @@ dport => 9091, source => $address, state => 'NEW', - action => 'accept', + jump => 'accept', } @@firewall { "300 pushgateway firewall6 ${::hostname} ${address}": diff --git a/manifests/unison/client.pp b/manifests/unison/client.pp index 1c88918e4..ef8010e17 100644 --- a/manifests/unison/client.pp +++ b/manifests/unison/client.pp @@ -39,7 +39,7 @@ dport => [$port], source => $::ipaddress, state => 'NEW', - action => 'accept', + jump => 'accept', tag => "unison-client-${title}" } diff --git a/spec/classes/profile/haproxy_spec.rb b/spec/classes/profile/haproxy_spec.rb index 1637caa9e..c02a0c1e6 100644 --- a/spec/classes/profile/haproxy_spec.rb +++ b/spec/classes/profile/haproxy_spec.rb @@ -306,7 +306,7 @@ it 'exports a firewall resource tagged haproxy' do expect(exported_resources).to contain_firewall('200 HTTP: HAProxy thisnode').with( source: my_ip, - tag: 'haproxy', + tag: 'somedc_haproxy', ) end diff --git a/spec/classes/profile/prometheus/exporter/node_spec.rb b/spec/classes/profile/prometheus/exporter/node_spec.rb index 15c214291..b9802e8b4 100644 --- a/spec/classes/profile/prometheus/exporter/node_spec.rb +++ b/spec/classes/profile/prometheus/exporter/node_spec.rb @@ -117,7 +117,7 @@ .with_dport(9091) .with_source(facts[:ipaddress]) .with_state('NEW') - .with_action('accept') + .with_jump('accept') end context 'with both public and private mlibrary_ip_addresses' do diff --git a/spec/classes/profile/prometheus_spec.rb b/spec/classes/profile/prometheus_spec.rb index a8855fd1f..e77da9f62 100644 --- a/spec/classes/profile/prometheus_spec.rb +++ b/spec/classes/profile/prometheus_spec.rb @@ -189,7 +189,7 @@ .with_dport(port) .with_source(facts[:ipaddress]) .with_state('NEW') - .with_action('accept') + .with_jump('accept') end end @@ -346,7 +346,7 @@ .with_dport(port) .with_source(ip_address) .with_state('NEW') - .with_action('accept') + .with_jump('accept') end end end